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DETAILED ACTION 

Claim Rejections - 35 USC § 112 

1 . The following is a quotation of the second paragraph of 35 U.S. C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

2. Claim 7 recites the limitation "the excessive rate" in line 3 of the claim. There is 
insufficient antecedent basis for this limitation in the claim because there is no previous 
recitation of "a(n) excessive rate". 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of 
this title, if the differences between the subject matter sought to be patented and the prior art are such that the subject 
matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art 
to which said subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made. 

4. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 
(1966), that are applied for establishing a background for determining obviousness under 35 
U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating obviousness 
or nonobviousness. 

5. Claim 1 is rejected under 35 U.S.C. 103(a) as being unpatentable over Hussain et al. (US 
Pat 7,177,3 1 1), hereinafter referred to as Hussain in view of Meggers et al. (US Pat 6,728,270), 



hereinafter referred to as Meggers. 
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6. For claim 1, Hussain teaches a flow meter structure (access control list) is associated 
with a packet flow. The flow meter structure contains various statistics associated with the 
packet flow, including packet counts for a time interval (configuring a packet rate limit for an 
ACL (access control list) interface, defined by a maximum number of packets Pmax acceptable 
in a time interval Trefresh). When a packet is received, the current packet flow count is 
compared to a predetermined maximum value (counting the number of packets P received at said 
ACL interface). If the maximum value is exceeded, the packet for that flow is dropped [col. 11 
line 55 to col. 12 line 5 and figure 5] (discarding all packets arriving at said ACL after Pmax 
has been reached). 

7. Hussain does not teach placing rejected packets into a separate queue. Meggers teaches 
the queuing of rejected packets absent from the teachings of Hussain by disclosing a queue 
structure where rejected real-time packets are placed into a seperate First-In-First-Out (FIFO) 
(extraction queue) to be processed (further examined) according to a best effort strategy [col. 15 
lines 40-45] . It would have been obvious to a person of ordinary skill in the art at the time of the 
invention to further process rejected packets in an extraction queue in Hussain's invention to 
prioritize packet flows [Meggers, col. 15 line 45]. 

8. Claim 2 is rejected under 35 U.S.C. 103(a) as being unpatentable over Hussain in view of 
Meggers, as applied to claim 1 above, and further in view of Cheriton et al. (US Pg Pub 
2004/0252693), hereinafter referred to as Cheriton. 

9. For claim 2, Hussain teaches a flow meter structure (ACL) contains various statistics 
associated with a packet flow, including a maximum number of packets over a time interval [see 
claim 1] . Hussain does not teach whether or not the parameters of the flow meter structure are 
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configurable. Cheriton teaches the configurable parameter limitation absent from the teachings 
of Hussain by disclosing a Time-To-Live (TTL) tag, which is included in an ACL, can be revised 
by a network administrator [0041] (wherein Pmax and Trefresh are configurable). It would have 
been obvious to a person of ordinary skill in the art at the time of the invention to allow a 
network administrator to configure the time interval and maximum number of packets in 
Hussain' s invention to give the user flexibility to implement the ACL in a manner that best suits 
their particular needs. 

10. Claim 3 is rejected under 35 U.S.C. 1 03(a) as being unpatentable over Hussain in view of 
Meggers, as applied to claim 1 above, and further in view of Kesavan (US Pg Pub 
2004/0062200) and Ozveren (US Pat 5,432,784). 

1 1 . For claim 3, Hussain teaches the flow meter structure includes a counter (providing a 
packet rate limit counter at said ACL interface and initiating said counter at a value StartCount). 
The counter is incremented each time a packet is received [col. 11 lines 55-64] (incrementing the 
counter with each received packet of said packet flow to provide a CurrentCount). 

12. The teachings of Hussain disclose the counter must be less than a maximum count value 
[see claim 1]. Hussain's teachings are not clear as to the initial value of the counter. Ozveren 
expands on the teachings of Hussain by disclosing a counter can be initialized either to zero or 
some number greater than zero [col. 7 lines 10-16]. It would have been obvious to a person of 
ordinary skill in the art at the time of the invention to use counter initialization values in 
Hussain's invention as a way to indicate whether or not flow bandwidth should be limited. 
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13. Hussain does not teach a counter refresh interval. Kesavan teaches the counter refresh 
interval absent from the teachings of Hussain by disclosing a counter is reset when a time 
interval has expired 505 [figure 5] (resetting said counter at said time intervals Trefresh). It also 
would have been obvious to a person of ordinary skill in the art at the time of the invention to use 
Kesavan's time interval refresh in Hussain's invention to ensure the counter does not erroneously 
start dropping packets. 

14. Claims 4-6 are rejected under 35 U.S.C. 103(a) as being unpatentable over Hussain in 
view of Meggers, Kesavan and Ozveren as applied to claim 3 above, and further in view of Hao 
(US Pat 6,85 1,008). 

15. For claim 4, Hussain teaches if a packet for a flow exceeds a maximum packet count 
over a time interval, the packet is dropped [see claim 1]. Hussain does not teach all packets are 
dropped when saturation occurs. Hao teaches the dropping of all packets limitation absent from 
the teachings of Hussain by disclosing saturation occurs when a memory buffer exceeds a 
"DROP" threshold. In response, a system will start dropping incoming data packets [col. 7 lines 
12-15] (discarding all packets arriving at said ACL interface after said counter reached a 
saturation value Counts at). 

16. It would have been obvious to a person of ordinary skill in the art at the time of the 
invention to drop all packets when saturation occurs in Hussain's invention to prevent a 
catastrophic failure of the system. 

17. For claim 5, the rejection of claim 4, discusses the limitation of discarding of all packets 
when a saturation value has been reached and provides the motivation to combine (discarding all 
packets arriving at said counter after said counter reached a saturation value CountSat). Hussain 
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does not teach dropped packets are counted. Kesavan teaches the counting of dropped packets 
limitation absent from the teachings of Hussain by disclosing a storm control device drops 
packets until the number of or byte count value of dropped packets for a time interval falls below 
a lower threshold value. The dropping of packets occurs when an upper threshold in a preceding 
time interval is exceeded [0032] (counting the number of the packets discarded since said 
counter reaches said saturation value until said Trefresh). It would have been obvious to a 
person of ordinary skill in the art at the time of the invention to count the number of packets 
discarded over a time interval in Hussain's invention to keep track of the interface rate. 

18. For claim 6, Hussain teaches the flow meter structure contains a single counter [col. 11 
line 63] (wherein counting of the discarded packets is performed with said counter). 

19. Claim 7 is rejected under 35 U.S.C. 103(a) as being unpatentable over Hussain in view of 
Meggers, as applied to claim 1 above, and further in view of Jungck et al. (US Pg Pub 
2002/0009079), hereinafter referred to as Jungck. 

20. For claim 7, the combination of Hussain and Meggers disclose the use of an extraction 
queue for holding rejected packets requiring further processing. The combination of Hussain and 
Meggers does not teach determining a cause of an excessive rate. Jungck teaches a packet 
interceptor adapter 720 that provides Denial of Service (excessive rate) protection [0179, figure 
7] . According to Jungck, packets are dequeued and various packet properties are examined to 
determine if the packet should be accepted. For example, if a number of malformed packets 
received from a particular source exceeds a certain threshold, the source's Internet Protocol 
address is blacklisted [0179-0183] (determining a cause of the excessive rate). It would have 
been obvious to a person of ordinary skill in the art at the time of the invention to determine the 
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cause of an excessive rate in Hussain's invention to prevent the source of the attack from being 
able to launch future attacks against the same target. 

Response to Arguments 

21 . Applicant's arguments with respect to claim 01/08/2008 have been considered but are 
moot in view of the new ground(s) of rejection. 

Conclusion 

22. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to JEFFREY M. RUTKOWSKI whose telephone number is 
(571)270-1215. The examiner can normally be reached on Monday - Friday 7:30-5:00 PM EST. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Hassan Kizou can be reached on (571) 272-3088. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

Jeffrey M Rutkowski 
Patent Examiner 
02/20/2008 



/Hassan Kizou/ 

Supervisory Patent Examiner, Art Unit 2619 



